Merge pull request #3 from MicrosoftDocs/master

sync with master

Author: danimir

.openpublishing.redirection.json

@@ -120,7 +120,7 @@ To set up client credential flow, see [Azure Active Directory v2.0 and the OAuth
 
 #### Web API chains (on-behalf-of flow)
 
-Many architectures include a web API that needs to call another downstream web API, where both are secured by Azure AD B2C. This scenario is common in native clients that have a Web API back-end and calls a Microsoft online service such as the Azure AD Graph API.
+Many architectures include a web API that needs to call another downstream web API, where both are secured by Azure AD B2C. This scenario is common in native clients that have a Web API back-end and calls a Microsoft online service such as the Microsoft Graph API or Azure AD Graph API.
 
 This chained web API scenario can be supported by using the OAuth 2.0 JWT bearer credential grant, also known as the on-behalf-of flow.  However, the on-behalf-of flow is not currently implemented in the Azure AD B2C.
 

articles/active-directory-b2c/active-directory-b2c-apps.md

@@ -273,11 +273,11 @@ Inspect the `B2CGraphClient.SendGraphPatchRequest()` method for details on how t
 
 ### Search users
 
-You can search for users in your B2C tenant in following ways:
+You can search for users in your B2C tenant in the following ways:
 
 * Reference the user's **object ID**.
 * Reference their sign-in identifer, the `signInNames` property.
-* Reference any of the valid OData parameters, e.g. givenName, surname, displayName etc.
+* Reference any of the valid OData parameters. For example, 'givenName', 'surname', 'displayName' etc.
 
 Run one of the following commands to search for a user:
 

articles/active-directory-b2c/active-directory-b2c-devquickstarts-graph-dotnet.md

@@ -1,6 +1,6 @@
 ---
 title: Quickstart - Set up sign-in for a desktop app using Azure Active Directory B2C
-description: Run a sample WPF desktop application that uses Azure Active Directory B2C to provide account sign-in.
+description: In this Quickstart, run a sample WPF desktop application that uses Azure Active Directory B2C to provide account sign-in.
 services: active-directory-b2c
 author: mmacy
 manager: celestedg

articles/active-directory-b2c/active-directory-b2c-quickstarts-desktop-app.md

@@ -1,6 +1,6 @@
 ---
 title: Quickstart - Set up sign-in for a single-page app using Azure Active Directory B2C
-description: Run a sample single-page application that uses Azure Active Directory B2C to provide account sign-in.
+description: In this Quickstart, run a sample single-page application that uses Azure Active Directory B2C to provide account sign-in.
 services: active-directory-b2c
 author: mmacy
 manager: celestedg

articles/active-directory-b2c/active-directory-b2c-quickstarts-spa.md

@@ -1,6 +1,6 @@
 ---
 title: Quickstart - Set up sign in for an ASP.NET application using Azure Active Directory B2C
-description: Run a sample ASP.NET web app that uses Azure Active Directory B2C to provide account sign-in.
+description: In this Quickstart, run a sample ASP.NET web app that uses Azure Active Directory B2C to provide account sign-in.
 services: active-directory-b2c
 author: mmacy
 manager: celestedg

articles/active-directory-b2c/active-directory-b2c-quickstarts-web-app.md

@@ -111,6 +111,7 @@ grant_type=authorization_code&client_id=90c0fe63-bcf2-44d5-8fb7-b8bbc0b29dc6&sco
 |{tenant}| Required | Name of your Azure AD B2C tenant|
 |{policy}| Required| The user flow that was used to acquire the authorization code. You cannot use a different user flow in this request. |
 | client_id |Required |The application ID assigned to your app in the [Azure portal](https://portal.azure.com).|
+| client_secret | Yes, in Web Apps | The application secret that was generated in the [Azure portal](https://portal.azure.com/). Client secrets are used in this flow for Web App scenarios, where the client can securely store a client secret. For Native App (public client) scenarios, client secrets cannot be securely stored, and therefore are not used in this call. If you use a client secret, please change it on a periodic basis. |
 | grant_type |Required |The type of grant. For the authorization code flow, the grant type must be `authorization_code`. |
 | scope |Recommended |A space-separated list of scopes. A single scope value indicates to Azure AD both of the permissions that are being requested. Using the client ID as the scope indicates that your app needs an access token that can be used against your own service or web API, represented by the same client ID.  The `offline_access` scope indicates that your app needs a refresh token for long-lived access to resources.  You also can use the `openid` scope to request an ID token from Azure AD B2C. |
 | code |Required |The authorization code that you acquired in the first leg of the flow. |
@@ -176,7 +177,7 @@ grant_type=refresh_token&client_id=90c0fe63-bcf2-44d5-8fb7-b8bbc0b29dc6&scope=90
 |{tenant}| Required | Name of your Azure AD B2C tenant|
 |{policy} |Required |The user flow that was used to acquire the original refresh token. You cannot use a different user flow in this request. |
 | client_id |Required |The application ID assigned to your app in the [Azure portal](https://portal.azure.com). |
-| client_secret |Required |The client_secret associated to your client_id in the [Azure portal](https://portal.azure.com). |
+| client_secret | Yes, in Web Apps | The application secret that was generated in the [Azure portal](https://portal.azure.com/). Client secrets are used in this flow for Web App scenarios, where the client can securely store a client secret. For Native App (public client) scenarios, client secrets cannot be securely stored, and therefore are not used in this call. If you use a client secret, please change it on a periodic basis. |
 | grant_type |Required |The type of grant. For this leg of the authorization code flow, the grant type must be `refresh_token`. |
 | scope |Recommended |A space-separated list of scopes. A single scope value indicates to Azure AD both of the permissions that are being requested. Using the client ID as the scope indicates that your app needs an access token that can be used against your own service or web API, represented by the same client ID.  The `offline_access` scope indicates that your app will need a refresh token for long-lived access to resources.  You also can use the `openid` scope to request an ID token from Azure AD B2C. |
 | redirect_uri |Optional |The redirect URI of the application where you received the authorization code. |

articles/active-directory-b2c/active-directory-b2c-reference-oauth-code.md

@@ -1,6 +1,6 @@
 ---
 title: Tutorial - Grant access to an ASP.NET Core web API from a single-page application - Azure Active Directory B2C
-description: Learn how to use Active Directory B2C to protect a .NET Core web API and call the API from a single-page Node.js application.
+description: In this tutorial, learn how to use Active Directory B2C to protect a .NET Core web API and call the API from a single-page Node.js application.
 services: active-directory-b2c
 author: mmacy
 manager: celestedg

articles/active-directory-b2c/active-directory-b2c-tutorials-spa-webapi.md

@@ -1,6 +1,6 @@
 ---
-title: 'Tutorial: Enable authentication in a single-page application - Azure Active Directory B2C'
-description: Learn how to use Azure Active Directory B2C to provide user login for a single page application (JavaScript).
+title: 'Tutorial - Enable authentication in a single-page application - Azure Active Directory B2C'
+description: In this tutorial, learn how to use Azure Active Directory B2C to provide user login for a single page application (JavaScript).
 services: active-directory-b2c
 author: mmacy
 manager: celestedg

articles/active-directory-b2c/active-directory-b2c-tutorials-spa.md

@@ -202,4 +202,4 @@ In the Modify your sign-up or sign-in custom policy section, you configured the
 
 ## Next steps
 
-For more information about UI elements that can be customized, see [reference guide for UI customization for built-in policies](active-directory-b2c-reference-ui-customization.md).
+For more information about UI elements that can be customized, see [reference guide for UI customization for user flows](active-directory-b2c-reference-ui-customization.md).